skills/howells/agentsurface/surface/Gen Agent Trust Hub

surface

Fail

Audited by Gen Agent Trust Hub on Apr 22, 2026

Risk Level: CRITICAL
Flagged categories: PROMPT_INJECTION, DATA_EXFILTRATION, COMMAND_EXECUTION
Full Analysis
  • [PROMPT_INJECTION]: Automated detectors flagged instruction sequences in references/testing.md and agents/test-writer.md as attempts to override system prompts. These are identified as false positives, as the text consists of documentation and test cases specifically designed to teach agents how to identify and resist prompt injection attacks.
  • [DATA_EXFILTRATION]: A placeholder URL https://auth.your-server.com in agents/auth-upgrader.md was flagged as blacklisted by automated scanners. In the context of this skill, it is used as a generic example value for generating OAuth discovery metadata templates and does not represent an actual exfiltration attempt by the skill.
  • [PROMPT_INJECTION]: The skill demonstrates an indirect prompt injection surface because it reads and processes untrusted files from external codebases and can perform sensitive operations via Bash, Write, and Edit tools. This risk is mitigated by a mandatory user confirmation step before the skill dispatches agents to perform automated transformations.
  • [COMMAND_EXECUTION]: The skill uses the Bash tool to inspect the local environment and execute transformation plans. While these actions are aligned with the skill's purpose of project scaffolding and auditing, the broad scope of the tool represents a security risk if the skill were to process malicious codebase inputs without human oversight.
Recommendations
  • CRITICAL: 1 infected file(s) detected - DO NOT USE
  • Contains 1 malicious URL(s) - DO NOT USE
Audit Metadata
Risk Level: CRITICAL
Analyzed: Apr 22, 2026, 06:10 PM